Juniper ATP: Password hashing uses DES and a hardcoded salt
CVE-2019-0030
6.7MEDIUM
Key Information:
- Vendor
Juniper Networks
- Status
- Vendor
- CVE Published:
- 15 January 2019
Badges
👾 Exploit Exists
What is CVE-2019-0030?
Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
Affected Version(s)
Juniper ATP 5.0 < 5.0.3